package com.itheima.question.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpSession;

@RestController
@RequestMapping("/user")
public class UserController {
    @GetMapping("/name")
    @PreAuthorize("hasRole('ADMIN')")
    public String getUser(HttpSession session){
        session.setAttribute("username","zhangsan");
        return "zhangsan";
    }
}
